MUMBAI: Brijesh Rao, aspiring cyber security professional, is excited about his prospects. The 24-year-old has enrolled for a masters in network administration, with a specialisation in ethical hacking, at computer hardware and network institute Jetking. “Major attacks take place on servers of companies, and job opportunities are high. It’s a good time to enter the industry,” he said.

His enthusiasm may not be misplaced. The demand for cyber professionals in India is huge, and students are making a beeline for such courses. But despite the growing demand, there are gaping holes in the cyber security training ecosystem. Poor infrastructure and awareness in the education sector, inadequate supply of qualified trainers and businesses not investing enough in security are just some of the issues the sector faces.

“There is a lack of specialised courses. Every 18 months there is a change in hardware and software technology. Cyber security aspirants need to constantly update themselves,” said Rituparna Chakraborty, senior vice president, Team Lease Services.

Two years ago, the Union ministry of information technology estimated that India would need five lakh cyber security professionals by 2015, a far cry from reality. “The estimate is that we have just about 50,000; we need at least one million skilled people by 2020,” said Nasscom president RChandrasekhar. Here’s the rub: the number of cyber crimes projected to occur in India this year is around 3,00,000, according to Worldline CEO Deepak Chandnani. Mumbai alone has seen 12-14,000 fraudulent online payment transactions in a month, he added.

From the information technology, finan cial and telecom sector to the utility sector, demand for specialists is greater than supply. “The number of skilled people is low,” said a TCS spokesperson, who did not wishto be named. “We usually hire an ME or MTech in Information Security, or an individual with leading industry recognised certifications like CISSP.”

Jetking certifies the increase in demand. “Over 6,000 out of 20,000 students have taken up our ethical hacking course in the past year,” said Siddarth Bharwani, director of the institute, which for the first time in five years, has seen a 30% rise in the number of students interested in ethical hacking. Still, there is a severe dearth of skilled cyber security professionals. In the financial sector, security reviews occur on a 24x7 basis. It is common for banks to have a closely guarded strategy where they deal with multiple partners to ensure a well regulated security mechanism is in place, said M Mahapatra, chief information officer, State Bank of India. But there just aren’t enough people to carry this out.

“We are seeing a dire need for experts in event monitoring, quick incident response, identification of security threats/alarms and collection of forensic evidence,” said a spokesperson for Tata Power, who did not wish to be named.

The scenario is reminiscent of the late 1970s when engineers in any discipline would handle IT-related issues, he said, adding the situation stems from the lack of awareness and training courses.

Tata Power plans to establish a security control room by the end of this year or the beginning of next year, and will hire security experts to manage it on a 24x7 basis.

Attempts are being made to remedy the situation. For instance, Nasscom and Symantec, the global leader in cyber security, have signed a memorandum of understanding to develop world-class skilled and certified professionals. Along with the Data Security Council of India (DSCI) and the Sector Skill Council (SSC) Nasscom is focusing on developing five prioritised job roles in cyber security and creating a master training programme. Nasscom also intends to fund a scholarship for 1,000 women undertaking the cyber security certification.

The implementation of these plans is yet to be seen and needs to be addressed on a war footing. “We have a long way to go. Education is a start. We are targeting MCA and MCS students, identifying the brightest talent. We will hone their skill sets through six month internships that are aligned with university timelines,” said Sudhanshu Pandit, vice president, HR, Symantec India. He added that their ‘student connect’ programme at the end of internships provided basis feedback, openings within organisations, converting interns into full-time employees.

Sponsored Stories

Subscribe ETTelecom Newsletter

In a letter to BBNL and BSNL top executives, telecom secretary Aruna Sundararajan said that a disciplinary action would be taken against officials responsible and attributed "lack of professionalism" on the part of two public sector companies.